Bug 109730 - net-analyzer/snort 2.4.x Back Orifice Vulnerability
Bug#: 109730 Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: trivial Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: jaervosz@gentoo.org
Component: Vulnerabilities
URL:  http://www.snort.org/pub-bin/snortnews.cgi#99
Summary: net-analyzer/snort 2.4.x Back Orifice Vulnerability
Keywords:  
Status Whiteboard: ~1 [noglsa] jaervosz
Opened: 2005-10-18 13:05 0000
Description:   Opened: 2005-10-18 13:05 0000 
The Sourcefire Vulnerability Research Team (VRT) has learned of a 
vulnerability in Snort v2.4.0 and higher. Users are only vulnerable if the 
Back Orifice preprocessor is enabled. Snort v2.4.3 has been released to 
correct the issue.

------- Comment #1 From Sune Kloppenborg Jeppesen 2005-10-18 13:06:53 0000 ------- 
netmon please advise and bump as needed.

------- Comment #2 From Benjamin Smee (strerror) (RETIRED) 2005-10-19 02:20:16 0000 ------- 
just tested a new ebuild for 2.4.3 with all USE flags enabled and seems to be
fine,so have revbumped in cvs.

------- Comment #3 From Thierry Carrez (RETIRED) 2005-10-20 04:22:36 0000 ------- 
Done.

------- Comment #4 From Jakub Moc (RETIRED) 2005-11-10 02:20:36 0000 ------- 
*** Bug 112055 has been marked as a duplicate of this bug. ***